You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Register a free account to unlock additional features at BleepingComputer.com

Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Skeptical of prompt when initiating Adwcleaner

Recently downloaded Adwarecleaner from this site. When attempting to run it I get a prompt to allow unknown publisher to make changes to my computer. Program name is Adwcleaner.exe with an unknown publisher. Please inform me as to the validity of this program.

AdwCleaner has been downloaded and used 416000 times in the last week.

I used it myself this morning...fresh download via Bleeping Computer.

I do not have User Account Control Settings enabled, so I never see those prompts.

If you need the instructions to use this tool...:

Download AdwCleaner by Xplode and save to your Desktop.
Double-click on AdwCleaner.exe to run the tool.
(* Vista/Windows 7/8 users right-click and select Run As Administrator.)
Click on the Scan button (only once)
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button only once for accuracy.
A report (AdwCleanerR0.txt) will open in Notepad for your review.
Check the listed removals and see if you are OK with them.
If you have questions, post the Report log back here.....if not, then please proceed to the next step

Next

Click on the Clean button only once for accuracy
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK finally to allow AdwCleaner to Restart the computer and complete the removal process.
After rebooting, a log report (AdwCleanerS0].txt) will open automatically.
.

Note: With most Adware / Junkware / PUPs it is strongly recommended to deal with it like a legitimate program and uninstall from Programs and Features or Add/Remove Programs in the Control Panel. In many cases, using the uninstaller of the adware not only removes the adware more effectively, but it also restores any changed configuration. After uninstallation, then you can run specialized tools like AdwCleaner and JRT to fix any remaining entries they may find.

If any of the other items prove to be wanted later, they can be reinstalled as original (see below)
- To restore an item that has been deleted : Open the program again,
- Go to Tools (top left) > Quarantine Manager > check what you want restored > then click on Restore.

Condobloke

Outback Australian

fed up with Windows antics...??

LINUX IS THE ANSWER

I USE LINUX MINT EXCLUSIVELY... NO DUAL BOOT, NO VIRTUAL MACHINE

Failure is not an option. It comes bundled with your Microsoft product.

I do not have User Account Control Settings enabled, so I never see those prompts.

If you were thinking about doing the same in the future, please don't. Leaving the UAC enabled is critical to the safety of your Windows OS and it should always remain active at all times. Some don't use it like Condo, but it's a huge risk.

Depending on the level of expertise of the user, having UAC disabled may or may not be a "huge" risk.....there are a few "flavors" to choose from...ranging in various levels of "annoyance"..

in Windows 7 and Windows 8 there are four levels to choose from. The differences between them are the following:

Always notify - at this level you are notified before applications and users make changes that required administrative permissions. When an UAC prompt shows up, the desktop is dimmed as shown in the screenshot below. You must choose Yes or No before you can do anything else on the computer. Security Impact: this is the most secure setting and the most annoying. If you did not like the UAC implementation from Windows Vista, you won't like this level.

Notify me only when programs/apps try to make changes to my computer - this is the default level and UAC notifies you only before programs make changes that require administrative permissions. If you manually make changes to Windows, then a UAC prompt is not shown. This level is less annoying as it doesn't stop the user from making changes to the system, it only shows prompts if an application wants to make changes. When an UAC prompt is shown, the desktop is dimmed and you must choose Yes or No before you can do anything else on your computer. Security Impact: this is less secure than the first setting because malicious programs can be created to simulate the keystrokes or mouse movements made by a user and change Windows settings. However, if you are using a good security solution, such scenarios should not occur.

Notify me only when programs/apps try to make changes to my computer (do not dim my desktop) - this level is identical to the one above except the fact that, when a UAC prompt is shown, the desktop is not dimmed and other programs are able to interfere with it. Security Impact: this level is even less secure as it makes it easy for malicious programs to simulate keystrokes or mouse moves that interfere with the UAC prompt.

Never notify - at this level, UAC is turned off and it doesn't offer any protection against unauthorized system changes. Security Impact: if you don't have a good security solution you are very likely to encounter security issues with your PC. With UAC turned off it is much easier for malicious programs to infect your computer and take control.

The UAC implementation from Windows 7 & Windows 8 provides a good balance between security and usability. I hope that instead of disabling it, you will choose only to switch to a less annoying levels that provides the security Microsoft intended this feature to provide.

Condobloke

Outback Australian

fed up with Windows antics...??

LINUX IS THE ANSWER

I USE LINUX MINT EXCLUSIVELY... NO DUAL BOOT, NO VIRTUAL MACHINE

Failure is not an option. It comes bundled with your Microsoft product.

MD5 (Message-Digest algorithm 5) is a commonly used cryptographic hash function with a unique a 128-bit hash value used in a wide variety of security applications to check/verify file integrity and for password authentication. A cryptographic hash (MD5, SHA1, SHA256) is used to identify a particular file and to make sure that a downloaded file is identical with the one that the author uploaded. These hashes are calculated from the file itself, the binary code defines how the final hash looks. If you change just a single byte the hash will change dramatically, so they are usually a good way to ensure that you have the right version.

...the MD5 algorithm is used to generate a hash value from the known good data -- either the original password in the first case or the original file in the latter case. For password authentication, then, whenever the password is entered by someone attempting to log in, a hash is generated from the entered password and compared against the stored hash. If they match, authentication is determined by the system to be successful. For file integrity verification, such as when downloading an application installer, there is often an MD5 hash (often called a "checksum") provided along with the download. To verify the file is the original, uncorrupted file you wanted, generate a new hash from the file and compare it against the MD5 hash provided with the download...

You can also download and use Sigcheck by Mark Russinovich...a command-line utility that shows file version number, timestamp information, and digital signature details, including certificate chains. It also includes an option to check a files status on VirusTotal. Extract (unzip) sigcheck and place sigcheck.exe in your root directory, usually C:\.To check for unsigned files in the \Windows\System32 directories, use the following RUN command:C:\sigcheck -u -e c:\windows\system32